package com.springboot.frame.oauth.server.security.hadler;


import com.springboot.frame.oauth.server.utils.ResponseUtils;
import com.springboot.frame.oauth.server.utils.ResultCode;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @author liheng
 * @ClassName SecurityAccessDeniedHandler
 * Spring Security 认证授权相关的异常相关处理
 * 1 实现 AuthenticationEntryPoint
 * 2 实现 AccessDeniedHandler
 * 3 使其生效
 * http.exceptionHandling().accessDeniedHandler(new SecurityAccessDeniedHandler())
 * @Description 实现并配置这两个异常处理类即可实现对 Spring Security 认证授权相关的异常进行统一的自定义处理
 * @date 2020-07-17 12:35
 */
@Component
@Slf4j
public class  SecurityAccessDeniedHandler implements AccessDeniedHandler {
	@Override
	public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) {
		log.info(request.getRequestURL()+"没有权限");
		ResponseUtils.renderJson(response, ResultCode.LIMITED_AUTHORITY);
	}
}
